PROTECTING INFORMATION ASSETS NETWORK SECURITY
|
|
- Gilbert Black
- 5 years ago
- Views:
Transcription
1 PROTECTING INFORMATION ASSETS NETWORK SECURITY
2 PAUL SMITH 20 years of IT experience (desktop, servers, networks, firewalls.) 17 years of engineering in enterprise scaled networks 10+ years in Network Security 10+ years as a CISSP Graduate of Fox School of Business, MBA Assistant Director of Network Security for Temple University Adjunct Professor for ITACS: Network Security IT Governance
3 SIMPLE DEFINITIONS OF NETWORK SECURITY The purpose of network security is to protect the network and its component parts from unauthorized access and misuse The policies, practices and technology employed to prevent unauthorized access, misuse, modification, or denial of a computer network and network resources.
4 What is Security Posture? It is your overall security plan the approach your business takes to security, from planning to implementation. It is comprised of technical and non-technical policies, procedures and controls, that protect you from both internal and external threats
5 How Networks Work Network Security Security Posture Governance (Placing Limits) Compliance and Alignment with Laws Management Frameworks Risks Created by Paul M. Smith, MBA, CISSP
6 How Networks Work Network Security Security Posture Governance (Placing Limits) Organizational Culture Policy and Strategy Ethical Issues Balance = Trade-offs What are you governing? Asset Classification (FIPS 199) Compliance and Alignment with Laws Management Frameworks Risks Created by Paul M. Smith, MBA, CISSP
7 How Networks Work Network Security Security Posture Governance (Placing Limits) Organizational Culture Policy and Strategy Ethical Issues Balance = Trade-offs What are you governing? Asset Classification (FIPS 199) Compliance and Alignment with Laws HIPAA (Healthcare) PCI-DSS (Retail) GLBA (Financial Sector) FISMA (Government) SOX (Corporate) Management Frameworks Risks Created by Paul M. Smith, MBA, CISSP
8 How Networks Work Network Security Security Posture Governance (Placing Limits) Organizational Culture Policy and Strategy Ethical Issues Balance = Trade-offs What are you governing? Asset Classification (FIPS 199) Compliance and Alignment with Laws HIPAA (Healthcare) PCI-DSS (Retail) GLBA (Financial Sector) FISMA (Government) SOX (Corporate) Management Frameworks Best Practices Guidelines Gap Analysis NIST FIPS 199 ISO / COBIT/DSS05.x/APO13 CSET Assessment Risks Created by Paul M. Smith, MBA, CISSP
9 How Networks Work Network Security Security Posture Governance (Placing Limits) Organizational Culture Policy and Strategy Ethical Issues Balance = Trade-offs What are you governing? Asset Classification (FIPS 199) Compliance and Alignment with Laws HIPAA (Healthcare) PCI-DSS (Retail) GLBA (Financial Sector) FISMA (Government) SOX (Corporate) Management Frameworks Best Practices Guidelines Gap Analysis NIST FIPS 199 ISO / COBIT/DSS05.x/APO13 CSET Assessment Risks Created by Paul M. Smith, MBA, CISSP Risk acceptance Risk avoidance Risk transfer Risk mitigation Risk assessments Likelihood Impact SP ISO 27005
10 How Networks Work Network Security Security Posture Governance (Placing Limits) Organizational Culture Policy and Strategy Ethical Issues Balance = Trade-offs What are you governing? Asset Classification (FIPS 199) Compliance and Alignment with Laws HIPAA (Healthcare) PCI-DSS (Retail) GLBA (Financial Sector) FISMA (Government) SOX (Corporate) Management Frameworks Best Practices Guidelines Gap Analysis NIST FIPS 199 ISO / COBIT/DSS05.x/APO13 CSET Assessment Risks Created by Paul M. Smith, MBA, CISSP Risk acceptance Risk avoidance Risk transfer Risk mitigation Risk assessments Likelihood Impact SP ISO 27005
11 How Networks Work Network Security Security Posture Governance (Placing Limits) OSI Model Well-known ports Encapsulation Connection vs connectionless Three-way handshake Packet Analysis What is an anomaly Organizational Culture Policy and Strategy Ethical Issues Balance = Trade-offs What are you governing? Asset Classification (FIPS 199) Compliance and Alignment with Laws HIPAA (Healthcare) PCI-DSS (Retail) GLBA (Financial Sector) FISMA (Government) SOX (Corporate) Management Frameworks Best Practices Guidelines Gap Analysis NIST FIPS 199 ISO / COBIT/DSS05.x/APO13 CSET Assessment Risks Created by Paul M. Smith, MBA, CISSP Risk acceptance Risk avoidance Risk transfer Risk mitigation Risk assessments Likelihood Impact SP ISO 27005
12 How Networks Work Network Security Security Posture Governance (Placing Limits) OSI Model Internet Protocols Well-known ports Encapsulation Connection vs connectionless Three-way handshake Packet Analysis What is an anomaly DHCP SSH ARP DNS MAC TLS/SSL FTP TCP SNMP HTTP UDP IPSec NTP ICMP IPv4 v6 Organizational Culture Policy and Strategy Ethical Issues Balance = Trade-offs What are you governing? Asset Classification (FIPS 199) Compliance and Alignment with Laws HIPAA (Healthcare) PCI-DSS (Retail) GLBA (Financial Sector) FISMA (Government) SOX (Corporate) Management Frameworks Best Practices Guidelines Gap Analysis NIST FIPS 199 ISO / COBIT/DSS05.x/APO13 CSET Assessment Risks Created by Paul M. Smith, MBA, CISSP Risk acceptance Risk avoidance Risk transfer Risk mitigation Risk assessments Likelihood Impact SP ISO 27005
13 How Networks Work Network Security Security Posture Governance (Placing Limits) OSI Model Internet Protocols Well-known ports Encapsulation Connection vs connectionless Three-way handshake Packet Analysis What is an anomaly DHCP SSH ARP DNS MAC TLS/SSL FTP TCP SNMP HTTP UDP IPSec NTP ICMP IPv4 v6 Organizational Culture Policy and Strategy Ethical Issues Balance = Trade-offs What are you governing? Asset Classification (FIPS 199) Compliance and Alignment with Laws HIPAA (Healthcare) PCI-DSS (Retail) GLBA (Financial Sector) FISMA (Government) SOX (Corporate) Network Types Public IP Addressing Private IP Addressing Network Address Translation Cloud Computing Management Frameworks Best Practices Guidelines Gap Analysis NIST FIPS 199 ISO / COBIT/DSS05.x/APO13 CSET Assessment Risks Created by Paul M. Smith, MBA, CISSP Risk acceptance Risk avoidance Risk transfer Risk mitigation Risk assessments Likelihood Impact SP ISO 27005
14 How Networks Work Network Security Security Posture Governance (Placing Limits) OSI Model Internet Protocols Well-known ports Encapsulation Connection vs connectionless Three-way handshake Packet Analysis What is an anomaly DHCP SSH ARP DNS MAC TLS/SSL FTP TCP SNMP HTTP UDP IPSec NTP ICMP IPv4 v6 Organizational Culture Policy and Strategy Ethical Issues Balance = Trade-offs What are you governing? Asset Classification (FIPS 199) Compliance and Alignment with Laws HIPAA (Healthcare) PCI-DSS (Retail) GLBA (Financial Sector) FISMA (Government) SOX (Corporate) Network Types Components Public IP Addressing Private IP Addressing Network Address Translation Cloud Computing Hubs vs Switches Routers Wireless Intrusion Prevention and Detection Virtual Local-Area-Networks (VLANs) Management Frameworks Best Practices Guidelines Gap Analysis NIST FIPS 199 ISO / COBIT/DSS05.x/APO13 CSET Assessment Risks Created by Paul M. Smith, MBA, CISSP Risk acceptance Risk avoidance Risk transfer Risk mitigation Risk assessments Likelihood Impact SP ISO 27005
15 How Networks Work Network Security Security Posture Governance (Placing Limits) OSI Model Internet Protocols Well-known ports Encapsulation Connection vs connectionless Three-way handshake Packet Analysis What is an anomaly DHCP SSH ARP DNS MAC TLS/SSL FTP TCP SNMP HTTP UDP IPSec NTP ICMP IPv4 v6 Organizational Culture Policy and Strategy Ethical Issues Balance = Trade-offs What are you governing? Asset Classification (FIPS 199) Compliance and Alignment with Laws HIPAA (Healthcare) PCI-DSS (Retail) GLBA (Financial Sector) FISMA (Government) SOX (Corporate) Network Types Components Security Technology Created by Paul M. Smith, MBA, CISSP Public IP Addressing Private IP Addressing Network Address Translation Cloud Computing Hubs vs Switches Routers Wireless Intrusion Prevention and Detection Virtual Local-Area-Networks (VLANs) Firewalls Types, placement, rulesets, NAT Cryptography Algorithms, secret/public keys, CA Intrusion Prevention and Detection Management Frameworks Best Practices Guidelines Gap Analysis NIST FIPS 199 ISO / COBIT/DSS05.x/APO13 CSET Assessment Risks Risk acceptance Risk avoidance Risk transfer Risk mitigation Risk assessments Likelihood Impact SP ISO 27005
16 How Networks Work Network Security Security Posture Governance (Placing Limits) OSI Model Internet Protocols Well-known ports Encapsulation Connection vs connectionless Three-way handshake Packet Analysis What is an anomaly DHCP SSH ARP DNS MAC TLS/SSL FTP TCP SNMP HTTP UDP IPSec NTP ICMP IPv4 v6 Concepts CIA Triad Security Architecture Segmentation/Zones Perimeter Defense Defense-in-Depth Least Privilege Threat Landscape Due Care Due Diligence Redundancy / HA Organizational Culture Policy and Strategy Ethical Issues Balance = Trade-offs What are you governing? Asset Classification (FIPS 199) Compliance and Alignment with Laws HIPAA (Healthcare) PCI-DSS (Retail) GLBA (Financial Sector) FISMA (Government) SOX (Corporate) Network Types Components Public IP Addressing Private IP Addressing Network Address Translation Cloud Computing Hubs vs Switches Routers Wireless Intrusion Prevention and Detection Virtual Local-Area-Networks (VLANs) Management Frameworks Best Practices Guidelines Gap Analysis NIST FIPS 199 ISO / COBIT/DSS05.x/APO13 CSET Assessment Risks Security Technology Created by Paul M. Smith, MBA, CISSP Firewalls Types, placement, rulesets, NAT Cryptography Algorithms, secret/public keys, CA Intrusion Prevention and Detection Risk acceptance Risk avoidance Risk transfer Risk mitigation Risk assessments Likelihood Impact SP ISO 27005
17 How Networks Work Network Security Security Posture Governance (Placing Limits) OSI Model Internet Protocols Well-known ports Encapsulation Connection vs connectionless Three-way handshake Packet Analysis What is an anomaly DHCP SSH ARP DNS MAC TLS/SSL FTP TCP SNMP HTTP UDP IPSec NTP ICMP IPv4 v6 Concepts CIA Triad Security Architecture Segmentation/Zones Perimeter Defense Defense-in-Depth Least Privilege Threat Landscape Due Care Due Diligence Redundancy / HA Threats and Attacks Organizational Culture Policy and Strategy Ethical Issues Balance = Trade-offs What are you governing? Asset Classification (FIPS 199) Compliance and Alignment with Laws HIPAA (Healthcare) PCI-DSS (Retail) GLBA (Financial Sector) FISMA (Government) SOX (Corporate) Network Types Components Public IP Addressing Private IP Addressing Network Address Translation Cloud Computing Hubs vs Switches Routers Wireless Intrusion Prevention and Detection Virtual Local-Area-Networks (VLANs) Threat Landscape Reconnaissance Vulnerabilities (CVEs) DDoS / DOS Sniffers Social Engineering Data Harvesting Cyber Kill Chain Management Frameworks Best Practices Guidelines Gap Analysis NIST FIPS 199 ISO / COBIT/DSS05.x/APO13 CSET Assessment Risks Security Technology Created by Paul M. Smith, MBA, CISSP Firewalls Types, placement, rulesets, NAT Cryptography Algorithms, secret/public keys, CA Intrusion Prevention and Detection Risk acceptance Risk avoidance Risk transfer Risk mitigation Risk assessments Likelihood Impact SP ISO 27005
18 How Networks Work Network Security Security Posture Governance (Placing Limits) OSI Model Internet Protocols Well-known ports Encapsulation Connection vs connectionless Three-way handshake Packet Analysis What is an anomaly DHCP SSH ARP DNS MAC TLS/SSL FTP TCP SNMP HTTP UDP IPSec NTP ICMP IPv4 v6 Concepts CIA Triad Security Architecture Segmentation/Zones Perimeter Defense Defense-in-Depth Least Privilege Threat Landscape Due Care Due Diligence Redundancy / HA Threats and Attacks Organizational Culture Policy and Strategy Ethical Issues Balance = Trade-offs What are you governing? Asset Classification (FIPS 199) Compliance and Alignment with Laws HIPAA (Healthcare) PCI-DSS (Retail) GLBA (Financial Sector) FISMA (Government) SOX (Corporate) Network Types Components Public IP Addressing Private IP Addressing Network Address Translation Cloud Computing Threat Landscape Reconnaissance Vulnerabilities (CVEs) DDoS / DOS Sniffers Social Engineering Data Harvesting Cyber Kill Chain Hubs vs Switches Routers Wireless Intrusion Prevention and Detection Virtual Local-Area-Networks (VLANs) Security Operations Management Frameworks Best Practices Guidelines Gap Analysis NIST FIPS 199 ISO / COBIT/DSS05.x/APO13 CSET Assessment Risks Security Technology Created by Paul M. Smith, MBA, CISSP Firewalls Types, placement, rulesets, NAT Cryptography Algorithms, secret/public keys, CA Intrusion Prevention and Detection Security Operations Centers (SOC) Continuous Monitoring Security Incident Event Mgmt (SIEM) Subject Matter Experts (SMEs) Process / Operational controls Logical Controls Technical Controls Risk acceptance Risk avoidance Risk transfer Risk mitigation Risk assessments Likelihood Impact SP ISO 27005
19
20 MOVING DATA Addressing Data Packets Delivery Method
21 BASIC NETWORKING - MAC ADDRESSES b b A Media Access Control address (MAC address) is a unique identifier assigned to network interfaces for communications on the physical network segment. The Address Resolution Protocol (ARP) is a telecommunication protocol used for discovering the MAC Addresses of known Internet Protocol (IP) addresses LAN a2-b a ARP spoofing is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network. This results in the linking of an attacker's MAC address with the IP address of a legitimate computer or server on the network.
22 BASIC NETWORKING PORTS MACHINES LISTEN TO FOR DATA TRAFFIC b b Port 80: Web Port 443: Secure web Port 1433: SQL Database Port 1521: Oracle Database Scan networks for these ports to identify which servers are offering which services LAN a2-b a
23 A data packet is typically forwarded from one router to another through the networks that constitute the internetwork until it reaches its destination node. BASIC NETWORKING ROUTERS b b SQL Server Listening: LAN c2-a LAN Router a2-b a A router is a networking device that forwards data packets between computer networks. Routers perform the traffic directing functions on the Internet.
24 MODELS AND PROTOCOLS
25 OSI MODEL Developed by ISO International Organization of Standardization Layered, each level sends to the layer above or below.
26 BENEFITS OF OSI MODEL Common Language Acceptable Behavior Protocols: set of rules that dictates how computers communicate over networks TCP/IP is a suite of protocols - de facto standard of the internet
27 DATA FLOW OSI MODEL Data encapsulation occurs as data travels down the stack. Data DE-capsulation = stripping off layers as the data travels up the stack.
28 PACKETS
29 TWO MODELS
30 SWITCHED ENVIRONMENTS
31 NONE-SWITCH ENVIRONMENTS Broadcast Domain All packets received by the hub are transmitted out all ports b b b b a2-b b a2-b b a a
32 SWITCH ENVIRONMENTS Packets received by the switch are transmitted out ports based on destination mac addresses Broadcast Domain b b b b a2-b b a2-b b a a
33 Router A broadcast domain is a logical division of a computer network, in which all nodes can reach each other by broadcast at the data link layer. - Wikipedia Broadcast Mac: FF:FF:FF:FF:FF:FF Broadcast Mac: FF:FF:FF:FF:FF:FF Broadcast Domain 1 Broadcast Domain 2 Switch Switch b b b b a2-b b a2-b b a a
34 IP ADDRESSING IP ADDRESSING IS THE LAYER ABOVE MAC ADDRESSING
35 IP ADDRESSING What is it? Postal System for packets Street, City and ZIP code Network ID vs. Host ID
36 IP ADDRESSING Private vs public addressing Internet Engineering Task Force s RFC 1918 architecture sets three blocks of IP addresses for private/internal (local area network) use Address ranges are not routed on the Internet Addresses require Network Address Translation or NAT to access the Internet
37 BROADCAST DOMAIN
38 Router Packet DST = Packet SRC= (Spoofed) Broadcast IP: Broadcast IP: Broadcast Domain 1 Broadcast Domain 2 Switch Switch b b b b a2-b b a2-b b a a
39 Router The router will change the DST mac address to FF:FF:FF:FF:FF:FF Packet DST = Broadcast IP: Broadcast Domain 1 Broadcast Domain 2 Switch Switch b b b b a2-b b a2-b b a a
40 Router Each receiving machine will send a reply to Packet DST= Broadcast IP: Broadcast IP: Broadcast Domain 1 Broadcast Domain 2 Switch Switch b b b b a2-b b a2-b b a a
41 Router Each receiving machine will send a reply to Packet SRC= Broadcast IP: Broadcast IP: Broadcast Domain 1 Broadcast Domain 2 Switch Switch b b b b a2-b b a2-b b a a
42 NETWORK ARCHITECTURES Access costs, speed, flexibility and reliability Critical infrastructure Risk of downtime (loss of availability)? Impact of downtime? Business Continuality Planning Role of Highly Available and Redundant networks
43 b b a a Switch b b b b b b a2-b a2-b b b b b a2-b a2-b Switch a a Router 1 Router 2 Router Cluster Dual Connected switches
44 DOMAIN NAME SYSTEM (DNS) Hostname-to-IP addressing translation: to
45 DOMAIN NAME SERVER (DNS) Hierarchical structure Root Servers Top-level domains Split-DNS Internal vs External facing Vulnerability to attack
46 FIREWALLS
47 FIREWALL ROLES AND PLACEMENT Placed at network borders Network Address Translation (NAT) Packet filtering IP-Address Port Application based Stateful inspection Reassembling packets first IPS Inspections All equal overhead processing
48 ENCRYPTION
49 ENCRYPTION Protecting data in-transit Becoming the standard for data transmission and storage in large companies Encryption IPSEC and TLS
50 ENCRYPTION BASICS
51 AVOID USING CLEAR TEXT SERVICES
52 ATTACKS
53 ATTACK METHODOLOGY Reconnaissance Scanning Gaining Access (Exploit) Elevating Access Exfiltration/ Modify Clearing Tracks
54 ATTACK METHODOLOGY/COUNTER MEASURES Port / Network Level Filter Firewall or ACL Reconnaissance Scanning Vulnerability Patching System Patching Password Policy Least-privilege Gaining Access (Exploit) Elevating Access System Patching Password Policy Least-privilege Monitor IPFlows Encryption File Logging Exfiltration/ Modify Clearing Tracks Move logs off to SIEMS
55 DENIAL OF SERVICE ATTACKS (DOS) Rather than gaining access, deny access to others! Two Types DoS or Distributed DoS By preventing networks and servers from handling legitimate traffic, attackers deny service. Overwhelm firewalls or servers with invalid traffic patterns that consume bandwidth, memory or CPU resources. Distributed means leveraging others in the attack.
56 HOW DOS WORKS SYN attack: attacker ignored syn/ack return, each SYN takes up a TCP connection on the server. Goal is to exhaust TCP connection table. Reflective DoS: spoof the sending IP address so return syn/ack traffic attacks another IP. Distributed DoS: Have multiple Zombie machines in a BOT Net attack a single IP. UDP attacks: flooding the pipes or links with traffic Which does not need Three-Way Handshake. Forces routers and firewalls to process useless traffic.
57 HOW TO COUNTER DOS Anomaly detection Usual traffic patterns Network traffic which breaks rules Install an Anomaly detection appliance Turn on features on firewalls Not the same a signature based Intrusion Detection (IPS)
58 INTRUSION DETECTION VS PREVENTION Monitor Mode Signature Based
59 SIGNATURE VS BEHAVIOR Signature-based Knowledge based Database of signatures Needs constant updates Zero-day attacks missed Behavior-based Statistical or anomaly based Many false positives Compares activity to normal (Baselines)
60 SUMMARY OF BEST PRACTICE STEPS Segment Hosts and Broadcast Domains (vlans, switches, routers) Know where your data is and classify it (Data classification standards, policy) Control which hosts can talk. (Router Access Control Lists or Firewall rules) Reduce exposure to untrusted networks (Firewalls) Good host hygiene. (Patch Management, vulnerability management) Know your own network (Discover scans to look for new hosts usually not patched!) Protecting Data (Encryption at rest and Encryption in-transit)
61
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led Certification: Certified Network Defender Exam: 312-38 Course Description This course is a vendor-neutral, hands-on,
More informationUnderstanding Cisco Cybersecurity Fundamentals
210-250 Understanding Cisco Cybersecurity Fundamentals NWExam.com SUCCESS GUIDE TO CISCO CERTIFICATION Exam Summary Syllabus Questions Table of Contents Introduction to 210-250 Exam on Understanding Cisco
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationEducation Network Security
Education Network Security RECOMMENDATIONS CHECKLIST Learn INSTITUTE Education Network Security Recommendations Checklist This checklist is designed to assist in a quick review of your K-12 district or
More informationImplementing Cisco Cybersecurity Operations
210-255 Implementing Cisco Cybersecurity Operations NWExam.com SUCCESS GUIDE TO CISCO CERTIFICATION Exam Summary Syllabus Questions Table of Contents Introduction to 210-255 Exam on Implementing Cisco
More informationCompTIA Network+ Study Guide Table of Contents
CompTIA Network+ Study Guide Table of Contents Course Introduction Table of Contents Getting Started About This Course About CompTIA Certifications Module 1 / Local Area Networks Module 1 / Unit 1 Topologies
More informationCIH
mitigating at host level, 23 25 at network level, 25 26 Morris worm, characteristics of, 18 Nimda worm, characteristics of, 20 22 replacement login, example of, 17 signatures. See signatures SQL Slammer
More informationNetwork Security. Kitisak Jirawannakool Electronics Government Agency (public organisation)
1 Network Security Kitisak Jirawannakool Electronics Government Agency (public organisation) A Brief History of the World 2 OSI Model vs TCP/IP suite 3 TFTP & SMTP 4 ICMP 5 NAT/PAT 6 ARP/RARP 7 DHCP 8
More informationChair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 8
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 8 System Vulnerabilities and Denial of Service Attacks System Vulnerabilities and
More informationTestOut Network Pro - English 5.0.x COURSE OUTLINE. Modified
TestOut Network Pro - English 5.0.x COURSE OUTLINE Modified 2018-03-06 TestOut Network Pro Outline - English 5.0.x Videos: 130 (17:10:31) Demonstrations: 78 (8:46:15) Simulations: 88 Fact Sheets: 136 Exams:
More informationInternetwork Expert s CCNA Security Bootcamp. Common Security Threats
Internetwork Expert s CCNA Security Bootcamp Common Security Threats http:// Today s s Network Security Challenge The goal of the network is to provide high availability and easy access to data to meet
More informationThis course prepares candidates for the CompTIA Network+ examination (2018 Objectives) N
CompTIA Network+ (Exam N10-007) Course Description: CompTIA Network+ is the first certification IT professionals specializing in network administration and support should earn. Network+ is aimed at IT
More informationTestOut Network Pro - English 4.1.x COURSE OUTLINE. Modified
TestOut Network Pro - English 4.1.x COURSE OUTLINE Modified 2017-07-06 TestOut Network Pro Outline - English 4.1.x Videos: 141 (18:42:14) Demonstrations: 81 (10:38:59) Simulations: 92 Fact Sheets: 145
More information90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government
More informationDistributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013
Distributed Systems 27. Firewalls and Virtual Private Networks Paul Krzyzanowski Rutgers University Fall 2013 November 25, 2013 2013 Paul Krzyzanowski 1 Network Security Goals Confidentiality: sensitive
More informationCHCSS. Certified Hands-on Cyber Security Specialist (510)
CHCSS Certified Hands-on Cyber Security Specialist () SYLLABUS 2018 Certified Hands-on Cyber Security Specialist () 2 Course Description Entry level cyber security course intended for an audience looking
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 18: Network Attacks Department of Computer Science and Engineering University at Buffalo 1 Lecture Overview Network attacks denial-of-service (DoS) attacks SYN
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationHacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK
Hacker Academy Ltd COURSES CATALOGUE Hacker Academy Ltd. LONDON UK TABLE OF CONTENTS Basic Level Courses... 3 1. Information Security Awareness for End Users... 3 2. Information Security Awareness for
More informationSecurity Assessment Checklist
Security Assessment Checklist Westcon Security Checklist - Instructions The first step to protecting your business includes a careful and complete assessment of your security posture. Our Security Assessment
More informationCourse Outline Topic 1: Current State Assessment, Security Operations Centers, and Security Architecture
About this Course This course will best position your organization to analyse threats and detect anomalies that could indicate cybercriminal behaviour. The payoff for this new proactive approach would
More informationLayer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers
Layer 4: UDP, TCP, and others based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Concepts application set transport set High-level, "Application Set" protocols deal only with how handled
More informationFundamentals of Network Security v1.1 Scope and Sequence
Fundamentals of Network Security v1.1 Scope and Sequence Last Updated: September 9, 2003 This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document
More informationAutomating the Top 20 CIS Critical Security Controls
20 Automating the Top 20 CIS Critical Security Controls SUMMARY It s not easy being today s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises
More informationCISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline
CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker Learn to find security vulnerabilities before the bad guys do! The Certified Ethical Hacker (CEH) class immerses students in an interactive environment
More informationRadware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper
Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Table of Contents Abstract...3 Understanding Online Business
More informationSoftware Development & Education Center Security+ Certification
Software Development & Education Center Security+ Certification CompTIA Security+ Certification CompTIA Security+ certification designates knowledgeable professionals in the field of security, one of the
More informationVulnerability Management
Vulnerability Management Service Definition Table of Contents 1 INTRODUCTION... 2 2 SERVICE OFFERINGS VULNERABILITY MANAGEMENT... 2 3 SOLUTION PURPOSE... 3 4 HOW IT WORKS... 3 5 WHAT S INCLUDED... 4 6
More informationImplementing Cisco Network Security (IINS) 3.0
Implementing Cisco Network Security (IINS) 3.0 COURSE OVERVIEW: Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using
More informationIntrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks
Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks So we are proposing a network intrusion detection system (IDS) which uses a Keywords: DDoS (Distributed Denial
More informationInterconnecting Cisco Networking Devices Part 1 (ICND1) Course Overview
Interconnecting Cisco Networking Devices Part 1 (ICND1) Course Overview This course will teach students about building a simple network, establishing internet connectivity, managing network device security,
More informationSECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry
SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below
More informationDistributed Systems. 29. Firewalls. Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 29. Firewalls Paul Krzyzanowski Rutgers University Fall 2015 2013-2015 Paul Krzyzanowski 1 Network Security Goals Confidentiality: sensitive data & systems not accessible Integrity:
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 19: Intrusion Detection Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Intruders Intrusion detection host-based network-based
More informationThe IINS acronym to this exam will remain but the title will change slightly, removing IOS from the title, making the new title.
I n t r o d u c t i o n The CCNA Security IINS exam topics have been refreshed from version 2.0 to version 3.0. This document will highlight exam topic changes between the current 640-554 IINS exam and
More informationAwareness Technologies Systems Security. PHONE: (888)
Awareness Technologies Systems Security Physical Facility Specifications At Awareness Technologies, the security of our customers data is paramount. The following information from our provider Amazon Web
More informationCyber Common Technical Core (CCTC) Advance Sheet Windows Operating Systems
Cyber Common Technical Core (CCTC) Advance Sheet Windows Operating Systems Section 1: Command Line Tools Skill 1: Employ commands using command line interface 1.1 Use command line commands to gain situational
More informationFirewalls, IDS and IPS. MIS5214 Midterm Study Support Materials
Firewalls, IDS and IPS MIS5214 Midterm Study Support Materials Agenda Firewalls Intrusion Detection Systems Intrusion Prevention Systems Firewalls are used to Implement Network Security Policy Firewalls
More informationNOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect
NOTHING IS WHAT IT SIEMs: COVER PAGE Simpler Way to Effective Threat Management TEMPLATE Dan Pitman Principal Security Architect Cybersecurity is harder than it should be 2 SIEM can be harder than it should
More informationBroadcast Infrastructure Cybersecurity - Part 2
SBE Webinar Series - 2018 Broadcast Infrastructure Cybersecurity - Part 2 Wayne M. Pecena, CPBE, CBNE Texas A&M University Educational Broadcast Services KAMU FM-TV Broadcast Infrastructure Cybersecurity
More informationIxLoad-Attack TM : Network Security Testing
IxLoad-Attack TM : Network Security Testing IxLoad-Attack tests network security appliances to validate that they effectively and accurately block attacks while delivering high end-user quality of experience
More informationFRONT RUNNER DIPLOMA PROGRAM Version 8.0 INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months
FRONT RUNNER DIPLOMA PROGRAM Version 8.0 INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months MODULE: INTRODUCTION TO INFORMATION SECURITY INFORMATION SECURITY ESSENTIAL TERMINOLOGIES
More informationTotal Security Management PCI DSS Compliance Guide
Total Security Management PCI DSS Guide The Payment Card Industry Data Security Standard (PCI DSS) is a set of regulations to help protect the security of credit card holders. These regulations apply to
More informationSyllabus: The syllabus is broadly structured as follows:
Syllabus: The syllabus is broadly structured as follows: SR. NO. TOPICS SUBTOPICS 1 Foundations of Network Security Principles of Network Security Network Security Terminologies Network Security and Data
More informationSpecialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com
Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE s3security.com Security Professional Services S3 offers security services through its Security Professional Services (SPS) group, the security-consulting
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationThe following chart provides the breakdown of exam as to the weight of each section of the exam.
Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those
More informationITdumpsFree. Get free valid exam dumps and pass your exam test with confidence
ITdumpsFree http://www.itdumpsfree.com Get free valid exam dumps and pass your exam test with confidence Exam : 312-50v10 Title : Certified Ethical Hacker Exam (CEH v10) Vendor : EC-COUNCIL Version : DEMO
More informationCheck Point DDoS Protector Introduction
Check Point DDoS Protector Introduction Petr Kadrmas SE Eastern Europe pkadrmas@checkpoint.com Agenda 1 (D)DoS Trends 2 3 4 DDoS Protector Overview Protections in Details Summary 2 (D)DoS Attack Methods
More informationModular Policy Framework. Class Maps SECTION 4. Advanced Configuration
[ 59 ] Section 4: We have now covered the basic configuration and delved into AAA services on the ASA. In this section, we cover some of the more advanced features of the ASA that break it away from a
More informationWired internetworking devices. Unit objectives Differentiate between basic internetworking devices Identify specialized internetworking devices
Wired internetworking devices Unit objectives Differentiate between basic internetworking devices Identify specialized internetworking devices Topic A Topic A: Basic internetworking devices Topic B: Specialized
More informationPrecisionAccess Trusted Access Control
Data Sheet PrecisionAccess Trusted Access Control Defeats Cyber Attacks Credential Theft: Integrated MFA defeats credential theft. Server Exploitation: Server isolation defeats server exploitation. Compromised
More informationNetwork Protocols - Revision
Network Protocols - Revision Luke Anderson luke@lukeanderson.com.au 18 th May 2018 University Of Sydney Overview 1. The Layers 1.1 OSI Model 1.2 Layer 1: Physical 1.3 Layer 2: Data Link MAC Addresses 1.4
More informationIntroduction p. 1 The Need for Security p. 2 Public Network Threats p. 2 Private Network Threats p. 4 The Role of Routers p. 5 Other Security Devices
Preface p. xv Acknowledgments p. xvii Introduction p. 1 The Need for Security p. 2 Public Network Threats p. 2 Private Network Threats p. 4 The Role of Routers p. 5 Other Security Devices p. 6 Firewall
More informationTOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS
TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS 1 Introduction Your data and infrastructure are at the heart of your business. Your employees, business partners, and
More informationSYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet
SYMANTEC ENTERPRISE SECURITY Symantec Internet Security Threat Report September 00 Power and Energy Industry Data Sheet An important note about these statistics The statistics discussed in this document
More informationENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE
ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE INTRODUCTION In line with commercial industry standards, the data center used by EndNote employs a dedicated security team to protect our
More informationChapter Three test. CompTIA Security+ SYO-401: Read each question carefully and select the best answer by circling it.
Chapter Three test Name: Period: CompTIA Security+ SYO-401: Read each question carefully and select the best answer by circling it. 1. What protocol does IPv6 use for hardware address resolution? A. ARP
More informationFundamentals of Information Systems Security Lesson 8 Mitigation of Risk and Threats to Networks from Attacks and Malicious Code
Fundamentals of Information Systems Security Lesson 8 Mitigation of Risk and Threats to Networks from Attacks and Malicious Code Learning Objective Explain the importance of network principles and architecture
More informationThe GenCyber Program. By Chris Ralph
The GenCyber Program By Chris Ralph The Mission of GenCyber Provide a cybersecurity camp experience for students and teachers at the K-12 level. The primary goal of the program is to increase interest
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Network Attacks Denial of service Attacks
Security+ Guide to Network Security Fundamentals, Fourth Edition Network Attacks Denial of service Attacks Introduction: What is DoS? DoS attack is an attempt (malicious or selfish) by an attacker to cause
More informationNetwork Security: Firewall, VPN, IDS/IPS, SIEM
Security: Firewall, VPN, IDS/IPS, SIEM Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr What is a Firewall? A firewall is hardware, software, or a combination of both that is used to prevent unauthorized
More informationASA/PIX Security Appliance
I N D E X A AAA, implementing, 27 28 access to ASA/PIX Security Appliance monitoring, 150 151 securing, 147 150 to websites, blocking, 153 155 access control, 30 access policies, creating for web and mail
More informationComputer and Network Security
Computer and Network Security c Copyright 2000 R. E. Newman Computer & Information Sciences & Engineering University Of Florida Gainesville, Florida 32611-6120 nemo@cise.ufl.edu Network Security (Pfleeger
More informationIntroduction to Computer Networks. CS 166: Introduction to Computer Systems Security
Introduction to Computer Networks CS 166: Introduction to Computer Systems Security Network Communication Communication in modern networks is characterized by the following fundamental principles Packet
More informationCIS Controls Measures and Metrics for Version 7
Level One Level Two Level Three Level Four Level Five Level Six 1.1 Utilize an Active Discovery Tool Utilize an active discovery tool to identify devices connected to the organization's network and update
More informationHands-On TCP/IP Networking
Hands-On Course Description In this Hands-On TCP/IP course, the student will work on a live TCP/IP network, reinforcing the discussed subject material. TCP/IP is the communications protocol suite on which
More informationThreat Pragmatics. Target 6/19/ June 2018 PacNOG 22, Honiara, Solomon Islands Supported by:
Threat Pragmatics 25-29 June 2018 PacNOG 22, Honiara, Solomon Islands Supported by: Issue Date: Revision: 1 Target Many sorts of targets: Network infrastructure Network services Application services User
More informationEMERGING THREATS & STRATEGIES FOR DEFENSE. Paul Fletcher Cyber Security
EMERGING THREATS & STRATEGIES FOR DEFENSE Paul Fletcher Cyber Security Evangelist @_PaulFletcher Threats by Customer Environment Cloud Environment On Premise Environment 1.96% 0.13% 0.02% application-attack
More informationCorrigendum 3. Tender Number: 10/ dated
(A premier Public Sector Bank) Information Technology Division Head Office, Mangalore Corrigendum 3 Tender Number: 10/2016-17 dated 07.09.2016 for Supply, Installation and Maintenance of Distributed Denial
More informationK12 Cybersecurity Roadmap
K12 Cybersecurity Roadmap Introduction Jason Brown, CISSP Chief Information Security Officer Merit Network, Inc jbrown@merit.edu @jasonbrown17 https://linkedin.com/in/jasonbrown17 2 Agenda 3 Why Use the
More informationINTRODUCTION: DDOS ATTACKS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC
INTRODUCTION: DDOS ATTACKS 1 DDOS ATTACKS Though Denial of Service (DoS) and Distributed Denial of Service (DDoS) have been common attack techniques used by malicious actors for some time now, organizations
More informationCIS Controls Measures and Metrics for Version 7
Level 1.1 Utilize an Active Discovery Tool 1.2 Use a Passive Asset Discovery Tool 1.3 Use DHCP Logging to Update Asset Inventory 1.4 Maintain Detailed Asset Inventory 1.5 Maintain Asset Inventory Information
More informationComputer Networks (Introduction to TCP/IP Protocols)
Network Security(CP33925) Computer Networks (Introduction to TCP/IP Protocols) 부산대학교공과대학정보컴퓨터공학부 Network Type Elements of Protocol OSI Reference Model OSI Layers What we ll learn today 2 Definition of
More informationUnlocking the Power of the Cloud
TRANSFORM YOUR BUSINESS With Smarter IT Unlocking the Power of the Cloud Hybrid Networking Managed Security Cloud Communications Software-defined solutions that adapt to the shape of your business The
More informationContents at a Glance
Contents at a Glance Introduction 1 I The Essentials of Network Perimeter Security 1 Perimeter Security Fundamentals 7 2 Packet Filtering 23 3 Stateful Firewalls 55 4 Proxy Firewalls 87 5 Security Policy
More informationChapter 8 roadmap. Network Security
Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing
More informationSurprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS
Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is
More informationGladiator Incident Alert
Gladiator Incident Alert Allen Eaves Sabastian Fazzino FINANCIAL PERFORMANCE RETAIL DELIVERY IMAGING PAYMENT SOLUTIONS INFORMATION SECURITY & RISK MANAGEMENT ONLINE & MOBILE 1 2016 Jack Henry & Associates,
More informationHands-On Ethical Hacking and Network Defense
Hands-On Ethical Hacking and Network Defense Chapter 2 TCP/IP Concepts Review Last modified 1-11-17 Objectives Describe the TCP/IP protocol stack Explain the basic concepts of IP addressing Explain the
More informationSECURITY PRACTICES OVERVIEW
SECURITY PRACTICES OVERVIEW 2018 Helcim Inc. Copyright 2006-2018 Helcim Inc. All Rights Reserved. The Helcim name and logo are trademarks of Helcim Inc. P a g e 1 Our Security at a Glance About Helcim
More informationCCNA Exploration Network Fundamentals
CCNA Exploration 4.0 1. Network Fundamentals The goal of this course is to introduce you to fundamental networking concepts and technologies. These online course materials will assist you in developing
More informationComputer Network Vulnerabilities
Computer Network Vulnerabilities Objectives Explain how routers are used to protect networks Describe firewall technology Describe intrusion detection systems Describe honeypots Routers Routers are like
More informationFundamentals of IP Networking 2017 Webinar Series Part 5 Cybersecurity Fundamentals & Securing the Network
Fundamentals of IP Networking 2017 Webinar Series Part 5 Cybersecurity Fundamentals & Securing the Network Wayne M. Pecena, CPBE, CBNE Texas A&M University Educational Broadcast Services KAMU Public Broadcasting
More informationSecurity Engineering. Lecture 16 Network Security Fabio Massacci (with the courtesy of W. Stallings)
Security Lecture 16 Network Security Fabio Massacci (with the courtesy of W. Stallings) Lecture Outline Network Attacks Attive Attacks Passive Attacks TCP Attacks Contermeasures IPSec SSL/TLS Firewalls
More informationSimple and Powerful Security for PCI DSS
Simple and Powerful Security for PCI DSS The regulations AccessEnforcer helps check off your list. Most merchants think they are too small to be targeted by hackers. In fact, their small size makes them
More informationCybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
More informationalign security instill confidence
align security instill confidence cyber security Securing data has become a top priority across all industries. High-profile data breaches and the proliferation of advanced persistent threats have changed
More informationCertified Ethical Hacker (CEH)
Certified Ethical Hacker (CEH) COURSE OVERVIEW: The most effective cybersecurity professionals are able to predict attacks before they happen. Training in Ethical Hacking provides professionals with the
More informationExternal Supplier Control Obligations. Cyber Security
External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place
More informationCisco CCNA (ICND1, ICND2) Bootcamp
Cisco CCNA (ICND1, ICND2) Bootcamp Course Duration: 5 Days Course Overview This five-day course covers the essential topics of ICND1 and ICND2 in an intensive Bootcamp format. It teaches students the skills
More informationA. The portal will function as an identity provider and issue an authentication assertion
Volume: 88 Questions Question: 1 A security analyst wishes to increase the security of an FTP server. Currently, all trails to the FTP server is unencrypted. Users connecting to the FTP server use a variety
More informationACS / Computer Security And Privacy. Fall 2018 Mid-Term Review
ACS-3921-001/4921-001 Computer Security And Privacy Fall 2018 Mid-Term Review ACS-3921/4921-001 Slides Used In The Course A note on the use of these slides: These slides has been adopted and/or modified
More informationINFS 766 Internet Security Protocols. Lecture 1 Firewalls. Prof. Ravi Sandhu INTERNET INSECURITY
INFS 766 Internet Security Protocols Lecture 1 Firewalls Prof. Ravi Sandhu INTERNET INSECURITY Internet insecurity spreads at Internet speed Morris worm of 1987 Password sniffing attacks in 1994 IP spoofing
More informationCompTIA Security+ (Exam SY0-401)
CompTIA Security+ (Exam SY0-401) Course Overview This course will prepare students to pass the current CompTIA Security+ SY0-401 certification exam. After taking this course, students will understand the
More informationIntroduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview
IBM Watson on the IBM Cloud Security Overview Introduction IBM Watson on the IBM Cloud helps to transform businesses, enhancing competitive advantage and disrupting industries by unlocking the potential
More informationUCOP ITS Systemwide CISO Office Systemwide IT Policy. UC Event Logging Standard. Revision History. Date: By: Contact Information: Description:
UCOP ITS Systemwide CISO Office Systemwide IT Policy UC Event Logging Standard Revision History Date: By: Contact Information: Description: 05/02/18 Robert Smith robert.smith@ucop.edu Approved by the CISOs
More informationCIT 380: Securing Computer Systems. Network Security Concepts
CIT 380: Securing Computer Systems Network Security Concepts Topics 1. Protocols and Layers 2. Layer 2 Network Concepts 3. MAC Spoofing 4. ARP 5. ARP Spoofing 6. Network Sniffing Protocols A protocol defines
More informationNetworks Fall This exam consists of 10 problems on the following 13 pages.
CSCI 466 Final Networks Fall 2011 Name: This exam consists of 10 problems on the following 13 pages. You may use your two- sided hand- written 8 ½ x 11 note sheet during the exam and a calculator. No other
More informationWatson Developer Cloud Security Overview
Watson Developer Cloud Security Overview Introduction This document provides a high-level overview of the measures and safeguards that IBM implements to protect and separate data between customers for
More information